﻿<html >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<? 
@session_start();
ob_start();
include("connect.php");
	$sql = "SELECT * FROM account WHERE username = '".trim($_POST['txtUsername'])."' and password = '".trim($_POST['txtPassword'])."' ";
	echo $sql."<br>";
	$record = mysql_query($sql);
	$data = mysql_fetch_array($record);
	if(!$data) { ?>
			<script language="javascript">
		 alert('username หรือ  password ไม่ถุกต้อง');history.back() ;
		</script>
        
<?	} else{
		$_SESSION["username"] = $data["username"];
		$_SESSION["status"] = $data["status"];

		$sql2="select * from customer where cus_user='".$_SESSION["username"]."' ";
		$record2=mysql_query($sql2);
		$data2=mysql_fetch_array($record2);

		$_SESSION["cus_id"]=$data2["cus_id"];
			
		session_write_close();		
			if($data["status"]=="admin")
			{
				echo " <script> window.location='linkblank.php' ;</script>";
			}
			else if($data["status"]=="user")
			{
				header("location:adminlogin.php");
			}
			else
			{
				header("location:adminlogin.php");
			}
		}
mysql_close();
?>
</body>
</html>